15492 matches found
Researcher Spotlight: Giannis Tziakouris first learned how to fix his family’s PC, and now he’s fixing networks all over the globe
Giannis Tziakouris had a problem growing up: He kept breaking his PC. He loved experimenting on his familys home computer, but things didnt always go as planned. Thats when his dad told him he had to learn how to fix the PC and get it back up and running, or hed revoke Giannis computer access...
Online Computer and Laptop Store SQL Injection Vulnerability
Online Computer and Laptop Store is an online computer and laptop sales system. Online Computer and Laptop Store is vulnerable to SQL injection, which can be exploited by attackers to perform SQL injection and steal data, among other things...
Online Computer and Laptop Store 1.0 - Remote Code Execution (RCE)
!/usr/bin/env python3 Exploit Title: Online Computer and Laptop Store 1.0 - Remote Code Execution RCE Date: 09/04/2023 Exploit Author: Matisse Beckandt Backendt Vendor Homepage:...
CVE-2023-1961 SourceCodester Online Computer and Laptop Store cross site scripting
A vulnerability was found in SourceCodester Online Computer and Laptop Store 1.0. It has been classified as problematic. Affected is an unknown function of the file /admin/?page=systeminfo. The manipulation of the argument System Name leads to cross site scripting. It is possible to launch the...
CVE-2023-1961
CVE-2023-1961 affects SourceCodester Online Computer and Laptop Store 1.0. The vulnerability is a cross-site scripting flaw in the unknown function behind the endpoint /admin/?page=system_info, triggered by manipulating the System Name parameter. It can be exploited remotely, and the exploit has ...
CVE-2023-1960
SourceCodester Online Computer and Laptop Store 1.0 is affected by CVE-2023-1960 via SQL injection in /classes/Master.php?f=delete_category (id parameter). The issue allows remote exploitation and is classified as critical; exploit information has been disclosed publicly. Multiple sources confirm...
CVE-2023-1958
A vulnerability, which was classified as critical, was found in SourceCodester Online Computer and Laptop Store 1.0. This affects an unknown part of the file /classes/Master.php?f=deletesubcategory. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack...
Sql injection
A vulnerability has been found in SourceCodester Online Computer and Laptop Store 1.0 and classified as critical. This vulnerability affects unknown code of the file /classes/Master.php?f=savecategory. The manipulation of the argument category leads to sql injection. The attack can be initiated...
CVE-2023-1959 SourceCodester Online Computer and Laptop Store sql injection
A vulnerability has been found in SourceCodester Online Computer and Laptop Store 1.0 and classified as critical. This vulnerability affects unknown code of the file /classes/Master.php?f=savecategory. The manipulation of the argument category leads to sql injection. The attack can be initiated...
CVE-2023-1959 SourceCodester Online Computer and Laptop Store sql injection
A vulnerability has been found in SourceCodester Online Computer and Laptop Store 1.0 and classified as critical. This vulnerability affects unknown code of the file /classes/Master.php?f=savecategory. The manipulation of the argument category leads to sql injection. The attack can be initiated...
CVE-2023-1958
CVE-2023-1958 concerns a SQL injection in SourceCodester Online Computer and Laptop Store 1.0, affecting an unknown part of /classes/Master.php?f=delete_sub_category where the id parameter is manipulated to execute arbitrary SQL. A remote attacker could exploit this vulnerability, and public disc...
CVE-2023-1958 SourceCodester Online Computer and Laptop Store sql injection
A vulnerability, which was classified as critical, was found in SourceCodester Online Computer and Laptop Store 1.0. This affects an unknown part of the file /classes/Master.php?f=deletesubcategory. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack...
CVE-2023-1957
CVE-2023-1957 affects SourceCodester Online Computer and Laptop Store v1.0. The SQL injection is triggered via the sub_category parameter in /classes/Master.php?f=save_sub_category (Subcategory Handler). Several sources describe remote exploitation, with high-severity impact on confidentiality, i...
CVE-2023-1954
A vulnerability was found in SourceCodester Online Computer and Laptop Store 1.0. It has been rated as critical. This issue affects the function saveinventory of the file /admin/product/manage.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. T...
CVE-2023-1953
A vulnerability was found in SourceCodester Online Computer and Laptop Store 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/sales/index.php. The manipulation of the argument datestart/dateend leads to sql injection. The attack can be initiated...
Sql injection
A vulnerability was found in SourceCodester Online Computer and Laptop Store 1.0. It has been rated as critical. This issue affects the function saveinventory of the file /admin/product/manage.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. T...
CVE-2023-1956
CVE-2023-1956 concerns a path traversal in SourceCodester Online Computer and Laptop Store 1.0, specifically in the Image Handler’s file /classes/Master.php?f=delete_img. Multiple connected sources confirm remote exploitation potential and public disclosure, with the vulnerability arising from un...
CVE-2023-1956 SourceCodester Online Computer and Laptop Store Image path traversal
A vulnerability classified as critical was found in SourceCodester Online Computer and Laptop Store 1.0. Affected by this vulnerability is an unknown functionality of the file /classes/Master.php?f=deleteimg of the component Image Handler. The manipulation of the argument path leads to path...
CVE-2023-1955
CVE-2023-1955 affects SourceCodester Online Computer and Laptop Store 1.0, specifically the login.php file under the User Registration component. The vulnerability is a SQL injection caused by unsafely handling the email parameter in an unknown function, enabling remote exploitation. Public explo...
CVE-2023-1955 SourceCodester Online Computer and Laptop Store User Registration login.php sql injection
A vulnerability classified as critical has been found in SourceCodester Online Computer and Laptop Store 1.0. Affected is an unknown function of the file login.php of the component User Registration. The manipulation of the argument email leads to sql injection. It is possible to launch the attac...